....
....some headers removed.....
....
Received: from wine.codeweavers.com ([209.46.25.134]) by
m1pismtp01-012.prod.mesa1.secureserver.net with ESMTP; 20 Jul 2011
00:24:17
-0700
Received: from localhost ([127.0.0.1] helo=localhost.localdomain
ident=list) by wine.codeweavers.com with esmtp (Exim 4.69)
(envelope-from
<wine-users-bounces at winehq.org>) id 1QjR8Z-000558-Vt; Wed, 20 Jul 2011
02:24:11 -0500
Received: from www-data by wine.codeweavers.com with local (Exim 4.69)
(envelope-from <www-data at wine.codeweavers.com>) id 1QjR8U-00054y-Ll
for
wine-users at winehq.org; Wed, 20 Jul 2011 02:24:02 -0500
Message-ID: <1311146642.m2f.64016 at forum.winehq.org>
From: "tony_toan" <wineforum-user at winehq.org>
X-Generated-By: M2F: www.mail2forum.com
Date: Wed, 20 Jul 2011 02:24:02 -0500
To: wine-users at winehq.org
Subject: [Wine] ABRACON - GNN Components, Co.Ltd
X-BeenThere: wine-users at winehq.org
X-Mailman-Version: 2.1.11
Precedence: list
Reply-To: wine-users at winehq.org
List-Id: Wine Users Mailing List <wine-users.winehq.org>
List-Unsubscribe: <http://www.winehq.org/mailman/options/wine-users>,
<mailto:wine-users-request at winehq.org?subject=unsubscribe>
List-Archive: <http://www.winehq.org/pipermail/wine-users>
List-Post: <mailto:wine-users at winehq.org>
List-Help: <mailto:wine-users-request at winehq.org?subject=help>
List-Subscribe: <http://www.winehq.org/mailman/listinfo/wine-users>,
<mailto:wine-users-request at winehq.org?subject=subscribe>
Sender: wine-users-bounces at winehq.org
Errors-To: wine-users-bounces at winehq.org
The headers I removed show the mail's path from my domain name host
(secureserver.net) to this computer, so are not relevant.
As you can see, the envelope sender is wine-users-bounces at winehq.org
The message was originated by 'www-data' in the Codeweavers domain.
I know its there because their copy of the Exim MTA says the www-data
message source is local to itself, i.e. on the same server. This message
clearly didn't originate from a mail client or there would be a header
showing this and the message-ID would have identified the mail client.
The message then went through M2F, which is a bridge program that
transfers messages between web forums and mail systems. This added the
message ID and all the headers related to the wine-users.winehq.org
mailing list before passing it to the codeweavers mailserver, which sent
it to my domain host.
> It's not clear to me what is meant by this.
>
It means that spam that appears on the Wine users mailing list is being
input through web forum software at Codeweavers.
It also appears that more of the Wine project is hosted by Codeweavers
than I realised. The headers indicate that they host the Wine forums and
mailing lists.
Its also quite clear that the only spam filters are on my side of the
Internet because these have all added headers. They are:
- my domain host, which is running IronPort
- my ISP, which is running DSPAM
- I'm running SpamAssassin on the feed to my Postfix MTA.
There are no other spam filters anywhere along the delivery chain.
> Is their forum using phpbb?
>
I can't tell. There's nothing in the headers that identifies the forum
software.
> Are we sharing the same email transports sys, so that all the mail
> appears to originate from the same source?
>
Yes, I think so. Your message has the same set of headers as the spam I
analysed.
> If this is the case, then there is no point in me contacting the ISP
> admin, cos they could say that we ARE the source of spam.
>
Correct.
> Is this not something that should be worked out with php, with an
> implementation of anti-spam measures, such as those you have outlined?
>
Thats pretty much the case. Adding a spam filter between the web forums
and the Codeweavers MTA may catch some spam, but doing this is hard
because you're limited to looking at the body of the message: the mail
headers showing where the message originated, etc. simply aren't there
yet or have been given fixed values by the forum software and/or M2F.
General consensus seems to be that keeping spammers out of forums is the
best approach. I can't recall getting spam from a mail list or forum
that uses an e-mail challenge/response system as part of the sign-up
process.
> But what I do know is that it's a bit of a bummer when WineHQ is
> considered such a source of spam, that its emails are simply blocked
> by certain ISP's.
>
Agreed. Keeping spammers out, or at least vastly reducing spamming, is
the essential first step to getting off ISP blacklists.
Martin